diff --git a/lib/charms/observability_libs/v0/cert_handler.py b/lib/charms/observability_libs/v0/cert_handler.py index 9dcfc8f..0fc610f 100644 --- a/lib/charms/observability_libs/v0/cert_handler.py +++ b/lib/charms/observability_libs/v0/cert_handler.py @@ -67,7 +67,7 @@ LIBID = "b5cd5cd580f3428fa5f59a8876dcbe6a" LIBAPI = 0 -LIBPATCH = 11 +LIBPATCH = 12 def is_ip_address(value: str) -> bool: @@ -240,6 +240,13 @@ def _generate_csr( This method intentionally does not emit any events, leave it for caller's responsibility. """ + # if we are in a relation-broken hook, we might not have a relation to publish the csr to. + if not self.charm.model.get_relation(self.certificates_relation_name): + logger.warning( + f"No {self.certificates_relation_name!r} relation found. " f"Cannot generate csr." + ) + return + # At this point, assuming "peer joined" and "certificates joined" have already fired # (caller must guard) so we must have a private_key entry in relation data at our disposal. # Otherwise, traceback -> debug. diff --git a/lib/charms/observability_libs/v1/cert_handler.py b/lib/charms/observability_libs/v1/cert_handler.py index 1375550..79458e0 100644 --- a/lib/charms/observability_libs/v1/cert_handler.py +++ b/lib/charms/observability_libs/v1/cert_handler.py @@ -65,7 +65,7 @@ LIBID = "b5cd5cd580f3428fa5f59a8876dcbe6a" LIBAPI = 1 -LIBPATCH = 4 +LIBPATCH = 5 def is_ip_address(value: str) -> bool: @@ -221,6 +221,13 @@ def _generate_csr( This method intentionally does not emit any events, leave it for caller's responsibility. """ + # if we are in a relation-broken hook, we might not have a relation to publish the csr to. + if not self.charm.model.get_relation(self.certificates_relation_name): + logger.warning( + f"No {self.certificates_relation_name!r} relation found. " f"Cannot generate csr." + ) + return + # In case we already have a csr, do not overwrite it by default. if overwrite or renew or not self._csr: private_key = self.private_key